You want to help patients and not put them at risk from a data breach. Keep them and HIPAA happy by following these straightforward tips to handle your paper-protected health information.
You spend a lot of time staying on top of your electronic health records, but you can't ignore the file cabinets filled with patient information on paper. A completely paperless operation is a dream for many health companies. Until you can achieve that digital goal, you need an effective way to restrict access to your hard copies.
Keep Control Over Physical Access
You start with who should and shouldn't have access to protected health information. When you have strong physical security protocols in place, you can proactively address many common issues.
Filing cabinets should stay locked after your staff pulls out records or puts them back in. The hard copies should only be outside of this location when they're in active use. Forget about using open shelves in the office, particularly near check-in and check-out desks that the patients have easy access to. The papers belonging to a particular file should stay grouped together at all times other than when you make copies.
Staff members looking over papers need to maintain awareness of their surroundings. When they face a risk of someone accidentally seeing information on paper records, they should take the appropriate action to hide this data from the person's view.
The offices and storage rooms containing this sensitive information need a physical security system. Some options you can use include ID swiping systems, keys, biometric scanners or keypads with a frequently changing code.
Create an Effective Paper Document Management System
Your paper filing system can also introduce security risks. Focus on methods to put an audit trail in place that tracks the records' location, a sign-in for any papers accessed by your staff and a receipt with the date.
Properly Dispose of Paper Records
Documents containing protected health information can't go into the trash as-is. Many identity thefts occur when people go through the garbage to find valuable information. Thwart these would-be fraudsters by shredding all papers that have PHI, personal or financial information. You don't have to lock up the garbage after you go through this step. However, if you have a substantial amount of paper, disposal vendors can pick up and properly destroy your files for you.
You want to help patients and not put them at risk from a data breach. Keep them and HIPAA happy by following these straightforward tips to handle your paper-protected health information.
